Lucene search
K

3172 matches found

CVE
CVE
added 2008/04/11 7:0 p.m.59 views

CVE-2008-1731

Technical details about CVE-2008-1731 are not publicly provided in the supplied documents. Monitor for updates from related advisories, vendors, or CVE records.

7.5CVSS6.5AI score0.01604EPSS
Exploits0References6Affected Software1
Drupal
Drupal
added 2008/04/09 12:0 a.m.12 views

SA-2008-025 - Simple access - Access bypass

The Simple Access module is a node access module that allows administrators to make some nodes private and/or editable by certain user roles. The module contains a flaw that results in the privacy information for a node being lost under certain conditions. These conditions are usually triggered v...

6.8AI score
Exploits0References6
Debian
Debian
added 2008/03/09 2:39 p.m.38 views

[SECURITY] [DSA 1514-1] New moin packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1514-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 9, 2008 http://www.debian.org/security/faq -...

5.8CVSS7.2AI score0.14787EPSS
Exploits2
OSV
OSV
added 2008/03/09 12:0 a.m.23 views

DSA-1514-1 moin

Bulletin has no description...

5.8CVSS6.2AI score0.14787EPSS
Exploits2
NVD
NVD
added 2008/02/12 1:0 a.m.20 views

CVE-2008-0687

Cross-site scripting XSS vulnerability in siteadmin/editorfiles/includes/loadmessage.php in the Youtube Clone Script allows remote attackers to inject arbitrary web script or HTML via the langpleasewait parameter...

7.5CVSS5.7AI score0.01386EPSS
Exploits0References4
Cvelist
Cvelist
added 2008/02/12 12:0 a.m.21 views

CVE-2008-0687

Cross-site scripting XSS vulnerability in siteadmin/editorfiles/includes/loadmessage.php in the Youtube Clone Script allows remote attackers to inject arbitrary web script or HTML via the langpleasewait parameter...

5.7AI score0.01386EPSS
Exploits0References4
CVE
CVE
added 2008/02/12 12:0 a.m.41 views

CVE-2008-0687

CVE-2008-0687 affects the Youtube Clone Script. Affected component: siteadmin/editor_files/includes/load_message.php. Vulnerability: cross-site scripting (XSS) via the lang[please_wait] parameter, enabling remote attackers to inject arbitrary web script or HTML. Impact stated: partial confidentia...

7.5CVSS5.7AI score0.01386EPSS
Exploits0References4Affected Software1
exploitpack
exploitpack
added 2008/02/04 12:0 a.m.13 views

HispaH YouTube Clone - load_message.php Cross-Site Scripting

HispaH YouTube Clone - loadmessage.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27598/info HispaH Youtube Clone is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/04 12:0 a.m.22 views

HispaH YouTube Clone - 'load_message.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27598/info HispaH Youtube Clone is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the context of an unsuspecting...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2008/02/03 12:0 a.m.45 views

Youtube Clone Xross Site Scripting (load_message.php)

Discovered by Smasher CMS: Youtube Clone Script Site: http://warwolfz.altervista.org WarWolfZ Security Crew. Hello i don't know if this vuln is already out , but i've searched in securityfocus and is not present. Bug found in loadmessage.php at line 4: ?php echo $lang'pleasewait'; ? Ex:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/03 12:0 a.m.29 views

youtubeclone-xss.txt

Discovered by Smasher CMS: Youtube Clone Script Site: http://warwolfz.altervista.org WarWolfZ Security Crew. Hello i don't know if this vuln is already out , but i've searched in securityfocus and is not present. Bug found in loadmessage.php at line 4: Ex:...

7.4AI score
Exploits0
NVD
NVD
added 2007/12/31 8:46 p.m.14 views

CVE-2007-6603

Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to control/backup/backup.php, which generates a backup/dump/backup.sql file that can be downloaded via ...

5CVSS6.8AI score0.02857EPSS
Exploits0References4
CVE
CVE
added 2007/12/31 8:0 p.m.57 views

CVE-2007-6603

CVE-2007-6603 affects Hot or Not Clone. The issue is insufficient access control for producing/reading database backups: an attacker can trigger control/backup/backup.php to generate a backup.sql and then download it via control/downloadfile.php, exposing administrator credentials. The NVD entry ...

5CVSS6.8AI score0.02857EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/12/31 8:0 p.m.23 views

CVE-2007-6603

Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to control/backup/backup.php, which generates a backup/dump/backup.sql file that can be downloaded via ...

6.8AI score0.02857EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2007/12/29 12:0 a.m.26 views

hotornot-backup.txt

Name : Hot or Not Clone by Jnshosts.com Dump backup And See Password Admin Download From : http://www.jnshosts.com/downloads/hot-or-not-clone-script/index.php Found By : RoMaNcYxHaCkEr Home Page : Not Yet : Google Dork : Copyright @ 2007 Powered By Hot or Not Clone by Jnshosts.com Rate My Pic ::...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/11/26 12:0 a.m.27 views

hotscripts-sql.txt

--==+================================================================================+==-- --==+ HotScripts Clone Script SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE: N/A DORK google:...

7.4AI score
Exploits0
Prion
Prion
added 2007/11/22 12:46 a.m.15 views

Sql injection

SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS9.1AI score0.01006EPSS
Exploits0References3
NVD
NVD
added 2007/11/22 12:46 a.m.13 views

CVE-2007-6084

SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.4AI score0.01006EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/11/22 12:0 a.m.24 views

CVE-2007-6084

SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.4AI score0.01006EPSS
Exploits0References3
CVE
CVE
added 2007/11/22 12:0 a.m.47 views

CVE-2007-6084

CVE-2007-6084 describes an SQL injection vulnerability in the HotScripts Clone Script, specifically in the file software-description.php. The issue allows remote attackers to inject arbitrary SQL via the id parameter, leading to potential data exposure or modification. The connected documents con...

7.5CVSS8.4AI score0.01006EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder